Service Overview
CYE’s External Security Risk Assessment is a practical, hands-on evaluation that assesses an organization’s external security posture from the perspective of a potential attacker. The goal is to identify exploitable vulnerabilities, evaluate security readiness, and support ongoing security improvements by monitoring previously identified weaknesses and corresponding mitigation actions.
Methodology
Assessment Phases:
1. External Reconnaissance
This phase involves discovering publicly accessible information that may be leveraged by attackers. Typical activities include:
- Passive information gathering from public sources and social networks
- Identification and enumeration of public IP address ranges
- Detection of publicly disclosed vulnerabilities from hacker forums, IRC channels, and the darknet
- Identification and prioritization of information assets
2. Internet Perimeter Breach
Based on defined objectives, this phase evaluates the initial entry vectors into the organization's network through external interfaces. Typical activities involve:
- Identification of externally exposed IP addresses and interfaces
- Scanning and enumeration to identify open ports and active services, outlining the organization's attack surface
- Comprehensive vulnerability assessment of internet-facing services and interfaces
- Evaluation of internet connectivity security for corporate network assets
Deliverables
- All findings are presented in Hyver, CYE’s Continuous Threat Exposure Management (CTEM) platform
- Visualized attack paths to business-critical assets are mapped and displayed in a mitigation graph
- The organization’s security maturity level is determined based on the NIST Cybersecurity Framework, taking into account discovered vulnerabilities and organizational context
With these insights, clients can effectively prioritize risks, devise targeted mitigation strategies, and manage remediation timelines, responsibilities, and resource allocation independently.
Prerequisites
Prior to initiating the assessment, the following must be provided:
- A detailed list of organizational assets
- Domain names
- IP addresses for assessment
- Names of relevant personnel, technologies, or vendors (depending on assessment scope)
- Target asset lists to be finalized prior to commencement
Customer Engagement
- A 1–2 hour scoping session with organizational representatives
- A one-hour follow-up meeting with a network architect to help clarify technical aspects of the network, hosted assets, and user groups
Relevant Standards
The assessment methodology aligns with:
- MITRE ATT&CK Framework
- NIST Cybersecurity Framework
- Center for Internet Security (CIS) Critical Security Controls
Security Domains Covered
The following security domains may be addressed and revised, depending on the results of the activity:
- Cross-organization policies, procedures, and governance
- Network level security
- Servers, network equipment, and endpoint security
- Application-level security
- Sensitive data and information management
- Identity management and remote access
